So it's ironic that the latest reports suggest that the new worm is making money by infecting PCs with Storm-related malware, called Waledac, and with "scareware" -- fake security software -- called Spyware Protect 2009.

Waledac makes money by sending spam -- about 5,000 to 10,000 e-mails per hour on each infected PC -- and Spyware Protect 2009 charges victims to remove it and then doesn't disappear.

The latest activity on the botnet proves that the makers of Conficker have indeed started to earn cash from criminals by operating a botnet. "In the past, botnet owners would do loads for hire, renting their botnet to send spam. Now, they say, 'Who would like to upload your malware to my botnet?'" Patrick Peterson, Cisco's chief security researcher and a Cisco (NASDAQ: CSCO) fellow, told InternetNews.com.

The result? Over the Internet, the invisible hand of the criminal market loosely joins the work of underground pharmaceutical operations replete with customer service centers, credit card cashing operations, and malware labs.

"This is ruthlessly efficient capitalism," Peterson said, adding that the going rates for this service are $0.13 per U.S.-based PC at the high end of the market down to $0.005 per PC for China-based PCs at the low end.

An enterprise threat?

The threat so far is to home computers. "If they're lucky, the botnet operators will get 0.1 percent of their spam volume from enterprise PCs," Peterson said.

Still, businesses need to ensure that they're protected.

"Enterprises had 30 days to apply a patch from one of the most urgent security vulnerability notices," Peterson added.

Businesses that are infected should spot the spam activity on their networks, but infection vectors can change as can business plans.

"The worst may be yet to come, since Conficker can update itself into anything -- instantaneously. Which means that we can wake up tomorrow with a huge [distributed denial of service, or DDoS attack] network, or a spam bot network," said Amit Klein, CTO and head researcher for Trusteer, a vendor of browser security technology for financial institutions. "But it can also attempt a more subtle move -- a move into financial fraud. There's nothing to prevent Conficker from morphing into financially motivated malware that can collect credentials from browsers, log keystrokes and/or modify transactions."

Others worried about Conficker in virtual environments.

"It is especially easy for the Conficker worm to get into the virtualized environment because new virtual machines are often created using older templates which do not have updated Conficker patches," Kevin Piper, director of technical operations at virtualization security provider Altor Networks, told InternetNews.com.

As a result, experts are urging enterprise network managers to take stock of the situation and avoid panic -- but many also pointed out that if they're following standard security protocols, they should already be well protected.

For instance, since the attack spreads through unpatched software, they should already have locked down any potential threat. Patching is "not even security 101. It's a lesson before that," Peterson said.

"It should be part of your daily operations to make sure this never pops up," he added. "You should be focusing on targeted attacks, especially if you're in an industry such as government, banking, or defense that is facing incredibly sophisticated attacks. You should be worried about the attacks you won't see on '60 Minutes.'"

Still, Peterson added, networks are always under siege and patrolling them isn't a task to be taken lightly.

"Even if you get the best security practices, you have to assume they won't be perfect, that they won't work 100 percent of the time," he said. "You need to be looking for bots, for remote control malware, within your enterprise network."

He also said that all the news about Conficker may not be good for business security.

"On the one hand, we've got reports on '60 Minutes' and CNN, but on the other hand, everyone thinks that if they're not part of a botnet, they don't have a problem, and especially for enterprises, that's absolutely not true."

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.